Download
| Alert*
oval:org.secpod.oval:def:703014
squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:89002592 This update for squid3 fixes the following issues: Security issue fixed: - CVE-2018-19131: Fixed Cross-Site-Scripting vulnerability in the TLS error handling . oval:org.secpod.oval:def:89002435 This update for squid3 fixes the following issues: - CVE-2018-1172: Fixed a DoS caused by incorrect handling of ESI responses oval:org.secpod.oval:def:703974 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:703456 squid3: Web proxy cache server Squid could be made to expose sensitive information over the network. oval:org.secpod.oval:def:702306 squid3: Web proxy cache server Squid could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:600708 It was discovered that the IPv6 support code in Squid does not properly handle certain DNS responses, resulting in deallocation of an invalid pointer and a daemon crash. The squid package and the version of squid3 shipped in lenny lack IPv6 support and are not affected by this issue. oval:org.secpod.oval:def:89002389 This update for squid3 fixes the following issues: Security issues fixed: - CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI responses. This affects the default custom esi_parser . - CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien processing ESI ... oval:org.secpod.oval:def:89000156 squid3 is installed oval:org.secpod.oval:def:89044757 This update for squid3 fixes the following issues: - CVE-2016-10002: Fixed incorrect processing of responses to If-None-Modified HTTP conditional requests. This allowed responses containing private data to clients it should not have reached - CVE-2014-9749: Prevent nonce replay in Digest authentica ... oval:org.secpod.oval:def:601439 squid3 is installed oval:org.secpod.oval:def:600973 Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi: CVE-2012-5643 squid"s cachemgr.cgi was vulnerable to excessive resource use. A remote attacker could exploit this flaw to perform a denial of service att ... oval:org.secpod.oval:def:600619 Ben Hawkes discovered that squid3, a full featured Web Proxy cache , is vulnerable to a buffer overflow when processing gopher server replies. An attacker can exploit this flaw by connecting to a gopher server that returns lines longer than 4096 bytes. This may result in denial of service conditions ... oval:org.secpod.oval:def:2000932 This vulnerability allows remote attackers to deny service on vulnerable installations of The Squid Software Foundation Squid 3.5.27-20180318. Authentication is not required to exploit this vulnerability. The specific flaw exists within ClientRequestContext::sslBumpAccessCheck. A crafted request can ... oval:org.secpod.oval:def:52348 squid3: Web proxy cache server Squid could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:89045186 This update for squid3 fixes the following issues: - Multiple issues in pinger ICMP processing. - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. - CVE-2016-4554: fix header smuggling issue in HTTP Request processing - Fix multiple Denial of Service issues in HTTP Response proces ... oval:org.secpod.oval:def:21011 Matthew Daley discovered that Squid3, a fully featured web proxy cache, did not properly perform input validation in request parsing. A remote attacker could use this flaw to mount a denial of service by sending crafted Range requests. oval:org.secpod.oval:def:89045381 This update for squid3 fixes the following issues: - Multiple issues in pinger ICMP processing. - CVE-2016-3947: Buffer overrun issue in pinger ICMPv6 processing. - CVE-2016-4554: fix header smuggling issue in HTTP Request processing - fix multiple Denial of Service issues in HTTP Response proces ... oval:org.secpod.oval:def:702174 squid3: Web proxy cache server Squid could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:52282 squid3: Web proxy cache server Squid could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:602187 Alex Rousskov of The Measurement Factory discovered that Squid3, a fully featured web proxy cache, does not correctly handle CONNECT method peer responses when configured with cache_peer and operating on explicit proxy traffic. This could allow remote clients to gain unrestricted access through a ga ... oval:org.secpod.oval:def:602715 Saulius Lapinskas from Lithuanian State Social Insurance Fund Board discovered that Squid3, a fully featured web proxy cache, does not properly process responses to If-None-Modified HTTP conditional requests, leading to client-specific Cookie data being leaked to other clients. A remote attacker can ... oval:org.secpod.oval:def:53257 Several vulnerabilities have been discovered in Squid3, a fully featured web proxy cache. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-1000024 Louis Dion-Marcil discovered that Squid does not properly handle processing of certain ESI responses. A remote ... oval:org.secpod.oval:def:51534 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:602430 Alex Rousskov from The Measurement Factory discovered that Squid3, a fully featured web proxy cache, does not properly handle errors for certain malformed HTTP responses. A remote HTTP server can exploit this flaw to cause a denial of service . oval:org.secpod.oval:def:43822 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:52730 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:52832 squid3: Web proxy cache server Squid could be made to expose sensitive information over the network. oval:org.secpod.oval:def:52912 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:603278 Several vulnerabilities have been discovered in Squid3, a fully featured web proxy cache. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-1000024 Louis Dion-Marcil discovered that Squid does not properly handle processing of certain ESI responses. A remote ... oval:org.secpod.oval:def:1900031 Squid before 4.4, when SNMP is enabled, allows a denial of service via an SNMP packet. oval:org.secpod.oval:def:51582 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:703165 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:35561 squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:602563 Several security issues have been discovered in the Squid caching proxy. CVE-2016-4051: CESG and Yuriy M. Kaminskiy discovered that Squid cachemgr.cgi was vulnerable to a buffer overflow when processing remotely supplied inputs relayed through Squid. CVE-2016-4052: CESG discovered that a buffer over ... oval:org.secpod.oval:def:2003935 An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace charact ... oval:org.secpod.oval:def:39003 squid3: Web proxy cache server Squid could be made to expose sensitive information over the network. oval:org.secpod.oval:def:51520 squid3: Web proxy cache server Squid could be made to expose sensitive information over the network. oval:org.secpod.oval:def:59843 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:57565 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. oval:org.secpod.oval:def:70110 squid: Web proxy cache server - squid3: Web proxy cache server Several security issues were fixed in Squid. |